Monitoring the health and status of network components is a big part of any network administrator's job, and it's an ongoing process. There are many devices that make up a network: workstations, servers, routers, switches, firewalls, WAPs, cables, UPSs and other components that are more or less critical to the operation of the network.
Even in a small network, manually checking each of these on a daily (or more frequent) basis can be tedious and time consuming. In the enterprise environment, automating the monitoring process is essential.
Why you should monitor
The purpose of monitoring is to catch problems — or potential problems — while they're small and rectify them before damage is done. The consequences of a downed mail server or file server or a bandwidth bottleneck can be hours or even days of lost productivity. A hardware problem such as a disk failure could result in data loss (if appropriate backup measures aren't in place or don't work properly). The more quickly you know what's going on, the more quickly you can fix it.
What to monitor
The first decision in creating an effective monitoring strategy, which will be crucial in determining what methods and software package(s) to use, is exactly what aspects of the network you want to monitor. At the least, you'll probably want to monitor some or all of the following:
- Hardware failures on servers
- Software problems on servers
- Resource usage by servers
- Operation of mission-critical services and applications on servers
- Disk space on servers and workstations
- CPU and memory usage; performance metrics
- Network bandwidth usage
Selecting a monitoring solution
If your network is small and you're on a tight budget, you can use tools built into the operating system and/or free utilities to keep tabs on your systems and network. A comprehensive monitoring strategy on a shoestring may require that you implement a combination of several software solutions to cover all bases.
Built-in and free monitoring tools
For example, you can use the System Monitor/Performance Monitor included with the Windows server operating systems to identify any performance bottlenecks that may spell trouble now or in the future. You can select from a huge number of counters to measure the performance of many of the server's services as well as processor, memory, network interface(s), physical disk and so on. And you can monitor counters from remote computers as well as the local one. The Performance Logs and Alerts feature can be used to log events and send a network message when a specified threshold value is reached.
The Windows event logs are also useful tools for monitoring system and application activities, as well as security-related events. Warnings and error messages can indicate brewing or extant problems.
You can view the event logs on remote Windows computers using WMI or with third-party software products such as the (free) Event Log Explorer.
There are many free network and server monitoring tools available. Some of these include:
- Sysinternals monitoring utilities: Includes CPUMon, DiskMon, FileMon (for Windows or Linux), PMon, PortMon, Process Explorer, RegMon, TCPView, TDIMon, TokenMon and others.
- Big Brother: Free (for non-commercial use) "little brother" of the more robust Big Brother Professional Edition, displays information about the status of your systems via a web page or WML pages for WAP-enabled devices, with a sophisticated notification feature.
- WaveXMonX: Easy to install, examines event logs, backups, disk space, CPU, memory, services, newly added or removed applications. When a problem is detected the software queries the WaveX database and emails a notification. Works with NT4, Windows 2000, Server 2003 and SBS 2000/2003. You can download a free version on the site.
- ManageEngineOpManager: Monitors CPU, memory, disk space, event logs and services, firewall and UPS, switch and printers, URL monitoring, WAN link, application monitoring for Oracle, MS SQL, Exchange, Lotus Notes. Supports email and SMS notification. Free version allows you to monitor and manage up to 20 network devices. More info at Commercial monitoring solutions.
In addition to all the free monitoring tools out there…
Talkback
Hi Deb,
I am pained that you left out ManageEngine EventLog Analyzer (www.eventloganalyzer.com) from your list of event log analysis product..
ManageEngine EventLog Analyzer is a web-based, agent-less syslog and event log management solution that collects, archives, and reports on event logs from distributed Windows host and, syslogs from UNIX hosts, Routers and Switches. It helps organizations meet host-based security event management (SEM) objectives and adhere to demands of regulatory compliance requirements likes HIPAA, SOX, and GLBA . We provide Free downloads for managing upto 5 hosts (which could include Windows, Unix or any syslog generating device like routers & switches and more...)
ps: MailRoomUK@cnet.com does not work !
This post has been removed by a moderator.